
Authentic Best resources for 312-39 Test Engine Practice Exam
[2021] 312-39 PDF Questions - Perfect Prospect To Go With DumpStillValid Practice Exam
NEW QUESTION 35
Cyber threat intelligence, properly applied, helps the SOC team discover TTPs.
What do these TTPs refer to?
- A. Targets, Threats, and Process
- B. Tactics, Targets, and Process
- C. Tactics, Threats, and Procedures
- D. Tactics, Techniques, and Procedures
Answer: D
NEW QUESTION 36
What does the Security Log Event ID 4624 of Windows 10 indicate?
- A. An account was successfully logged on
- B. New process executed
- C. Service added to the endpoint
- D. A share was accessed
Answer: A
NEW QUESTION 37
Which of the following data sources will a SOC analyst use to monitor connections to insecure ports?
- A. DHCP Data
- B. DNS Data
- C. IIS Data
- D. Netstat Data
Answer: D
NEW QUESTION 38
According to the Risk Matrix table, what will be the risk level when the probability of an attack is very high, and the impact of that attack is major?
- A. High
- B. Extreme
- C. Medium
- D. Low
Answer: A
NEW QUESTION 39
Which of the following formulas is used to calculate the EPS of the organization?
- A. EPS = number of correlated events / time in seconds
- B. EPS = number of normalized events / time in seconds
- C. EPS = number of security events / time in seconds
- D. EPS = average number of correlated events / time in seconds
Answer: D
NEW QUESTION 40
Which of the following tools can be used to filter web requests associated with a SQL injection attack?
- A. UrlScan
- B. Nmap
- C. ZAP proxy
- D. Hydra
Answer: A
NEW QUESTION 41
Which of the following is a correct flow of the stages in an incident handling and response (IH&R) process?
- A. Incident Triage -> Eradication -> Containment -> Incident Recording -> Preparation -> Recovery -> Post-Incident Activities
- B. Preparation -> Incident Recording -> Incident Triage -> Containment -> Eradication -> Recovery -> Post-Incident Activities
- C. Incident Recording -> Preparation -> Containment -> Incident Triage -> Recovery -> Eradication -> Post-Incident Activities
- D. Containment -> Incident Recording -> Incident Triage -> Preparation -> Recovery -> Eradication -> Post-Incident Activities
Answer: B
NEW QUESTION 42
Which of the following is a set of standard guidelines for ongoing development, enhancement, storage, dissemination and implementation of security standards for account data protection?
- A. PCI-DSS
- B. HIPAA
- C. FISMA
- D. DARPA
Answer: A
NEW QUESTION 43
Sam, a security analyst with INFOSOL INC., while monitoring and analyzing IIS logs, detected an event matching the regex /\w*((\%27)|(\'))((\%6F)|o|(\%4F))((\%72)|r|(\%52))/ix.
What does this event log indicate?
- A. XSS Attack
- B. SQL Injection Attack
- C. Parameter Tampering Attack
- D. Directory Traversal Attack
Answer: B
NEW QUESTION 44
John, a threat analyst at GreenTech Solutions, wants to gather information about specific threats against the organization. He started collecting information from various sources, such as humans, social media, chat rooms, and so on, and created a report that contains malicious activity.
Which of the following types of threat intelligence did he use?
- A. Strategic Threat Intelligence
- B. Technical Threat Intelligence
- C. Tactical Threat Intelligence
- D. Operational Threat Intelligence
Answer: D
NEW QUESTION 45
Which of the following attacks can be eradicated by disabling "allow_url_fopen" and "allow_url_include" in the php.ini file?
- A. URL Injection Attacks
- B. LDAP Injection Attacks
- C. Command Injection Attacks
- D. File Injection Attacks
Answer: A
NEW QUESTION 46
Which of the following types of threat intelligence are used by a SIEM to supply analysts with context and "situational awareness" by using threat actor TTPs, malware campaigns, and tools used by threat actors?
1. Strategic threat intelligence
2. Tactical threat intelligence
3. Operational threat intelligence
4. Technical threat intelligence
- A. 2 and 3
- B. 1 and 2
- C. 3 and 4
- D. 1 and 3
Answer: A
NEW QUESTION 47
Which of the following services provides phishing protection and content filtering to manage the Internet experience on and off your network in line with acceptable use or compliance policies?
- A. I-Blocklist
- B. Apility.io
- C. OpenDNS
- D. Malstrom
Answer: C
NEW QUESTION 48
What does Windows event ID 4740 indicate?
- A. A user account was enabled.
- B. A user account was locked out.
- C. A user account was created.
- D. A user account was disabled.
Answer: B
NEW QUESTION 49
Which of the following contains the performance measures, and proper project and time management details?
- A. Incident Response Process
- B. Incident Response Policy
- C. Incident Response Tactics
- D. Incident Response Procedures
Answer: D
NEW QUESTION 50
Which of the following is a Threat Intelligence Platform?
- A. TC Complete
- B. Apility.io
- C. SolarWinds MS
- D. Keepnote
Answer: C
NEW QUESTION 51
Which of the following Windows features is used to enable Security Auditing in Windows?
- A. Windows Defender
- B. Windows Firewall
- C. Local Group Policy Editor
- D. Bitlocker
Answer: C
NEW QUESTION 52
Identify the HTTP status codes that represent a server error.
- A. 2XX
- B. 5XX
- C. 4XX
- D. 1XX
Answer: B
NEW QUESTION 53
This threat intelligence helps you understand adversary intent and make informed decisions to ensure appropriate security in alignment with risk.
What kind of threat intelligence is described above?
- A. Functional Threat Intelligence
- B. Strategic Threat Intelligence
- C. Tactical Threat Intelligence
- D. Operational Threat Intelligence
Answer: B
